gitwithterrence
diff --git a/‎docs/overview/changelog.md
Lines changed: 4 additions & 0 deletions b/‎docs/overview/changelog.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎docs/production/authentication-methods.md
Lines changed: 1 addition & 1 deletion b/‎docs/production/authentication-methods.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/production/settings.md
Lines changed: 19 additions & 6 deletions b/‎docs/production/settings.md
Lines changed: 19 additions & 6 deletions
diff --git a/‎templates/corporate/policies/index.md
Lines changed: 5 additions & 0 deletions b/‎templates/corporate/policies/index.md
Lines changed: 5 additions & 0 deletions
diff --git a/‎templates/corporate/policies/missing.md
Lines changed: 1 addition & 0 deletions b/‎templates/corporate/policies/missing.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎templates/corporate/privacy.md renamed to ‎templates/corporate/policies/privacy.md b/‎templates/corporate/privacy.md renamed to ‎templates/corporate/policies/privacy.md
diff --git a/‎templates/corporate/policies/sidebar_index.md
Lines changed: 2 additions & 0 deletions b/‎templates/corporate/policies/sidebar_index.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎templates/corporate/terms.md renamed to ‎templates/corporate/policies/terms.md b/‎templates/corporate/terms.md renamed to ‎templates/corporate/policies/terms.md
diff --git a/‎templates/zerver/documentation_main.html
Lines changed: 14 additions & 0 deletions b/‎templates/zerver/documentation_main.html
Lines changed: 14 additions & 0 deletions
diff --git a/‎templates/zerver/policies_absent/missing.md
Lines changed: 6 additions & 0 deletions b/‎templates/zerver/policies_absent/missing.md
Lines changed: 6 additions & 0 deletions
diff --git a/‎templates/zerver/policies_absent/sidebar_index.md
Lines changed: 1 addition & 0 deletions b/‎templates/zerver/policies_absent/sidebar_index.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎templates/zerver/portico-header.html
Lines changed: 3 additions & 0 deletions b/‎templates/zerver/portico-header.html
Lines changed: 3 additions & 0 deletions
diff --git a/‎templates/zerver/privacy.html
Lines changed: 0 additions & 38 deletions b/‎templates/zerver/privacy.html
Lines changed: 0 additions & 38 deletions
diff --git a/‎templates/zerver/terms.html
Lines changed: 0 additions & 35 deletions b/‎templates/zerver/terms.html
Lines changed: 0 additions & 35 deletions
diff --git a/‎zerver/context_processors.py
Lines changed: 7 additions & 2 deletions b/‎zerver/context_processors.py
Lines changed: 7 additions & 2 deletions
diff --git a/‎zerver/forms.py
Lines changed: 1 addition & 1 deletion b/‎zerver/forms.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎zerver/tests/test_auth_backends.py
Lines changed: 11 additions & 11 deletions b/‎zerver/tests/test_auth_backends.py
Lines changed: 11 additions & 11 deletions
@@ -34,6 +34,10 @@ log][commit-log] for an up-to-date list of raw changes.
 - This release contains a migration, `0009_confirmation_expiry_date_backfill`,
   that can take several minutes to run on a server with millions of
   messages of history.
+- The `TERMS_OF_SERVICE` and `PRIVACY_POLICY` settings have been
+  removed in favor of a system that supports additional policy
+  documents, such as a code of conduct. See the [updated
+  documentation](../production/settings.md) for the new system.
 
 #### Full feature changelog
 
 
@@ -850,7 +850,7 @@ prefills that value in the new account creation form, but gives the
 user the opportunity to edit it before submitting. When `True`, Zulip
 assumes the name is correct, and new users will not be presented with
 a registration form unless they need to accept Terms of Service for
-the server (i.e. `TERMS_OF_SERVICE=True`).
+the server (i.e. `TERMS_OF_SERVICE_VERSION` is set).
 
 ## Adding more authentication backends
 
 
@@ -86,12 +86,25 @@ and configure this service.
 ### Terms of Service and Privacy policy
 
 Zulip allows you to configure your server's Terms of Service and
-Privacy Policy pages (`/terms` and `/privacy`, respectively). You can
-use the `TERMS_OF_SERVICE` and `PRIVACY_POLICY` settings to configure
-the path to your server's policies. The syntax is Markdown (with
-support for included HTML). A good approach is to use paths like
-`/etc/zulip/terms.md`, so that it's easy to back up your policy
-configuration along with your other Zulip server configuration.
+Privacy Policy pages (`/terms` and `/privacy`, respectively).
+
+You can configure this using the `POLICIES_DIRECTORY` setting. We
+recommend using `/etc/zulip/policies`, so that your policies are
+naturally backed up with the server's other configuration. Just place
+Markdown files named `terms.md` and `privacy.md` in that directory,
+and set `TERMS_OF_SERVICE_VERSION` to `1.0` to enable this feature.
+
+You can place additional files in this directory to document
+additional policies; if you do so, you may want to:
+
+- Create a Markdown file `sidebar_index.md` listing the pages in your
+  policies site; this generates the policies site navigation.
+- Create a Markdown file `missing.md` with custom content for 404s in
+  this directory.
+
+Please make clear in these pages what organization is hosting your
+Zulip server, so that nobody could be confused that your policies are
+the policies for Zulip Cloud.
 
 ### Miscellaneous server settings
 
 
@@ -0,0 +1,5 @@
+# Terms and policies
+
+* [Terms of Service](/policies/terms)
+* [Privacy Policy](/policies/privacy)
+* [Rules of Use](/policies/rules)
@@ -0,0 +1 @@
+No such page.
@@ -0,0 +1,2 @@
+## [Terms of Service](/policies/terms)
+## [Privacy Policy](/policies/privacy)
@@ -10,10 +10,20 @@
 <div class="app help terms-page inline-block{% if page_is_help_center %} help-center{% endif %}{% if page_is_api_center %} api-center{% endif %}">
     <div class="sidebar">
         <div class="content">
+            {% if not page_is_policy_center %}
             <h1><a href="https://zulip.com" class="no-underline">Zulip homepage</a></h1>
             <h1><a href="{{ doc_root }}" class="no-underline">{{ doc_root_title }} home</a></h1>
+            {% endif %}
+
+            {% if page_is_policy_center %}
+            {{ render_markdown_path(sidebar_index, pure_markdown=True) }}
+            {% else %}
             {{ render_markdown_path(sidebar_index, api_uri_context) }}
+            {% endif %}
+
+            {% if not page_is_policy_center %}
             <h1 class="home-link"><a href="/" class="no-underline">Back to Zulip</a></h1>
+            {% endif %}
         </div>
     </div>
 
@@ -23,7 +33,11 @@ <h1 class="home-link"><a href="/" class="no-underline">Back to Zulip</a></h1>
 
     <div class="markdown">
         <div class="content">
+            {% if page_is_policy_center %}
+            {{ render_markdown_path(article, pure_markdown=True) }}
+            {% else %}
             {{ render_markdown_path(article, api_uri_context) }}
+            {% endif %}
 
             <div id="footer" class="documentation-footer">
                 <hr />
 
@@ -0,0 +1,6 @@
+This server is an installation of [Zulip](https://zulip.com), open
+source software for team collaboration.
+
+This installation of Zulip has not been configured to display its
+policies. You can contact its administrators using the email address
+displayed below.
@@ -0,0 +1 @@
+## No policies configured
@@ -17,6 +17,9 @@
                 {% if page_is_api_center %}
                 <span class="light"> | <a href="{{ root_domain_uri }}/api/">{{ doc_root_title }}</a></span>
                 {% endif %}
+                {% if page_is_policy_center %}
+                <span class="light"> | <a href="{{ root_domain_uri }}/policies/">{{ doc_root_title }}</a></span>
+                {% endif %}
             </div>
             {% endif %}
         </div>
 
@@ -81,6 +81,11 @@ def get_apps_page_url() -> str:
     return "https://zulip.com/apps/"
 
 
+def is_isolated_page(request: HttpRequest) -> bool:
+    """Accept a GET param `?nav=no` to render an isolated, navless page."""
+    return request.GET.get("nav") == "no"
+
+
 def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
     """Context available to all Zulip Jinja2 templates that have a request
     passed in.  Designed to provide the long list of variables at the
@@ -145,8 +150,7 @@ def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
         "custom_logo_url": settings.CUSTOM_LOGO_URL,
         "register_link_disabled": register_link_disabled,
         "login_link_disabled": login_link_disabled,
-        "terms_of_service": settings.TERMS_OF_SERVICE,
-        "privacy_policy": settings.PRIVACY_POLICY,
+        "terms_of_service": settings.TERMS_OF_SERVICE_VERSION is not None,
         "login_url": settings.HOME_NOT_LOGGED_IN,
         "only_sso": settings.ONLY_SSO,
         "external_host": settings.EXTERNAL_HOST,
@@ -172,6 +176,7 @@ def zulip_default_context(request: HttpRequest) -> Dict[str, Any]:
         "platform": RequestNotes.get_notes(request).client_name,
         "allow_search_engine_indexing": allow_search_engine_indexing,
         "landing_page_navbar_message": settings.LANDING_PAGE_NAVBAR_MESSAGE,
+        "is_isolated_page": is_isolated_page(request),
         "default_page_params": default_page_params,
     }
 
 
@@ -126,7 +126,7 @@ def __init__(self, *args: Any, **kwargs: Any) -> None:
         del kwargs["realm_creation"]
 
         super().__init__(*args, **kwargs)
-        if settings.TERMS_OF_SERVICE:
+        if settings.TERMS_OF_SERVICE_VERSION is not None:
             self.fields["terms"] = forms.BooleanField(required=True)
         self.fields["realm_name"] = forms.CharField(
             max_length=Realm.MAX_REALM_NAME_LENGTH, required=self.realm_creation
 
@@ -1416,7 +1416,7 @@ def stage_two_of_registration(
 
         self.assertFalse(user_profile.has_usable_password())
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_registration(self) -> None:
         """If the user doesn't exist yet, social auth can be used to register an account"""
         email = "[email protected]"
@@ -1431,7 +1431,7 @@ def test_social_auth_registration(self) -> None:
             result, realm, subdomain, email, name, name, self.BACKEND_CLASS.full_name_validated
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_mobile_registration(self) -> None:
         email = "[email protected]"
         name = "Full Name"
@@ -1458,7 +1458,7 @@ def test_social_auth_mobile_registration(self) -> None:
             mobile_flow_otp=mobile_flow_otp,
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_desktop_registration(self) -> None:
         email = "[email protected]"
         name = "Full Name"
@@ -1485,7 +1485,7 @@ def test_social_auth_desktop_registration(self) -> None:
             desktop_flow_otp=desktop_flow_otp,
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_registration_invitation_exists(self) -> None:
         """
         This tests the registration flow in the case where an invitation for the user
@@ -1507,7 +1507,7 @@ def test_social_auth_registration_invitation_exists(self) -> None:
             result, realm, subdomain, email, name, name, self.BACKEND_CLASS.full_name_validated
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_with_invalid_multiuse_invite(self) -> None:
         email = "[email protected]"
         name = "Full Name"
@@ -1528,7 +1528,7 @@ def test_social_auth_with_invalid_multiuse_invite(self) -> None:
         self.assertEqual(result.status_code, 404)
         self.assert_in_response("Whoops. The confirmation link is malformed.", result)
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_registration_using_multiuse_invite(self) -> None:
         """If the user doesn't exist yet, social auth can be used to register an account"""
         email = "[email protected]"
@@ -1628,7 +1628,7 @@ def test_social_auth_registration_without_is_signup_closed_realm(self) -> None:
             result,
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_with_ldap_populate_registration_from_confirmation(self) -> None:
         self.init_default_ldap_database()
         email = "[email protected]"
@@ -1691,7 +1691,7 @@ def test_social_auth_with_ldap_populate_registration_from_confirmation(self) ->
             log_warn.output, [f"WARNING:root:New account email {email} could not be found in LDAP"]
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_with_ldap_auth_registration_from_confirmation(self) -> None:
         """
         This test checks that in configurations that use the LDAP authentication backend
@@ -1784,7 +1784,7 @@ def test_social_auth_complete_when_base_exc_is_raised(self) -> None:
             self.assertEqual(result.status_code, 302)
             self.assertIn("login", result.url)
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_invited_as_admin_but_expired(self) -> None:
         iago = self.example_user("iago")
         email = self.nonreg_email("alice")
@@ -2167,7 +2167,7 @@ def test_saml_auth_enabled(self) -> None:
                 result,
             )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_registration_auto_signup(self) -> None:
         """
         Verify that with SAML auto signup enabled, a user coming from the /login page
@@ -3335,7 +3335,7 @@ def get_account_data_dict(self, email: str, name: str) -> Dict[str, Any]:
             family_name=name.split(" ")[1],
         )
 
-    @override_settings(TERMS_OF_SERVICE=None)
+    @override_settings(TERMS_OF_SERVICE_VERSION=None)
     def test_social_auth_registration_auto_signup(self) -> None:
         """
         The analogue of the auto_signup test for SAML.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+## [Terms of Service](/policies/terms)`
	`2`	`+## [Privacy Policy](/policies/privacy)`